Target customers in Canada may have had their names and contact information stolen in a large data breach that targeted credit and debit card accounts in the U.S.
An email from the company sent to some Canadian customers on Monday says that names, mailing addresses, phone numbers and email addresses may have been taken during the pre-Christmas breach.
It’s believed that Canadian cross-border shoppers who went to U.S. Target stores between Nov. 27 and Dec. 15 were affected. But the email was also sent to some Target Canada customers who were not in the U.S. during that time.
Last month, Target had said that hackers stole data related to 40 million credit and debit accounts in the U.S., but Canadian stores were not affected because they use a separate point-of-sale system.
However, the email said some Canadians who shopped at Target are among the 70 million customers who may have had their names, addresses and phone numbers taken.
Target Canada spokesperson Lisa Gibson told The Canadian Press that the number of affected Canadians is estimated to be "well under" one per cent of the total.
"Much of the guest data that was taken is partial in nature," Gibson said.
The email also says Target is working with a third-party forensics firm to investigate the breach, as well as its own internal processes. It adds the retail giant is working on “a credit-monitoring offer for impacted Canadian guests.”
Those who may have been affected will be sent additional information.
Target said it believes that the theft of roughly 40 million debit and credit card numbers in the U.S. only affected cards swiped between Nov. 27 and Dec. 15.
Target is urging customers to “always be cautious” and not share their personal information with anyone via phone, email or text. Target also says people should be wary of emails with suspicious links, or those that ask for money.